Welcome to the Forum Archive!

Years of conversation fill a ton of digital pages, and we've kept all of it accessible to browse or copy over. Whether you're looking for reveal articles for older champions, or the first time that Rammus rolled into an "OK" thread, or anything in between, you can find it here. When you're finished, check out the boards to join in the latest League of Legends discussions.

Now i dont know if riot has done ANY of these things, because it seems all too oftem and easy for them to get smashed by some random troll who probably doesnt have the billions it would cost to do something extravagant to a fully locked down dns protocol. anyway have a look

Hello, just wanted to see if I could drum up some conversations about the nature of DDOS attacks and what kind of scale we're seeing. The attacks that have recently taken place on many different Internet services are quite large because of a very specific flaw in the NTP protocol. These attacks are called reflection attacks. (http://en.wikipedia.org/wiki/Denial-of-service_attack#Reflected_.2F_Spoofed_attack).

What's difficult to deal with when it comes to DDOS attacks is that the larger the attacks become, the easier it is for the attacker to completely consume all bandwidth available for a specific provider. What this means is that any Internet service that this provider has under them is also unable to communicate back to the Internet. As the attacks become larger, we block them farther and farther up the provider levels, until we're working with Tier 1 ISPs to implement access control lists that prevent these attacks. Here's some more information from Cloudflare about the recent NTP Reflection DDOSes (http://blog.cloudflare.com/understanding-and-mitigating-ntp-based-ddos-attacks)

Us networking guys at Riot are not only working internally to find a solution to this problem, but we're also working with the Information Security industry as a whole to improve the situation. We're working to find a tech solution to block the attacks as they're ongoing, and fixing the underlying problem of open/unpatched NTP servers on the Internet.

Please feel free to toss any questions my way that you might have, I would love to have a chat with everyone about this and answer as much as I can.

Hello, just wanted to see if I could drum up some conversations about the nature of DDOS attacks and what kind of scale we're seeing. The attacks that have recently taken place on many different Internet services are quite large because of a very specific flaw in the NTP protocol. These attacks are called reflection attacks. (http://en.wikipedia.org/wiki/Denial-of-service_attack#Reflected_.2F_Spoofed_attack).

What's difficult to deal with when it comes to DDOS attacks is that the larger the attacks become, the easier it is for the attacker to completely consume all bandwidth available for a specific provider. What this means is that any Internet service that this provider has under them is also unable to communicate back to the Internet. As the attacks become larger, we block them farther and farther up the provider levels, until we're working with Tier 1 ISPs to implement access control lists that prevent these attacks. Here's some more information from Cloudflare about the recent NTP Reflection DDOSes (http://blog.cloudflare.com/understanding-and-mitigating-ntp-based-ddos-attacks)

Us networking guys at Riot are not only working internally to find a solution to this problem, but we're also working with the Information Security industry as a whole to improve the situation. We're working to find a tech solution to block the attacks as they're ongoing, and fixing the underlying problem of open/unpatched NTP servers on the Internet.

Please feel free to toss any questions my way that you might have, I would love to have a chat with everyone about this and answer as much as I can.

Hello, just wanted to see if I could drum up some conversations about the nature of DDOS attacks and what kind of scale we're seeing. The attacks that have recently taken place on many different Internet services are quite large because of a very specific flaw in the NTP protocol. These attacks are called reflection attacks. (http://en.wikipedia.org/wiki/Denial-of-service_attack#Reflected_.2F_Spoofed_attack).

What's difficult to deal with when it comes to DDOS attacks is that the larger the attacks become, the easier it is for the attacker to completely consume all bandwidth available for a specific provider. What this means is that any Internet service that this provider has under them is also unable to communicate back to the Internet. As the attacks become larger, we block them farther and farther up the provider levels, until we're working with Tier 1 ISPs to implement access control lists that prevent these attacks. Here's some more information from Cloudflare about the recent NTP Reflection DDOSes (http://blog.cloudflare.com/understanding-and-mitigating-ntp-based-ddos-attacks)

Us networking guys at Riot are not only working internally to find a solution to this problem, but we're also working with the Information Security industry as a whole to improve the situation. We're working to find a tech solution to block the attacks as they're ongoing, and fixing the underlying problem of open/unpatched NTP servers on the Internet.

Please feel free to toss any questions my way that you might have, I would love to have a chat with everyone about this and answer as much as I can.

I did not understand a single word of what you just said, so I will assume you know your job!

Yup, I've wanted to find the right post to start a conversation in... but so many of them are "RIOT FIX YOUR SERVERS" .. and I really wanted to have a dialog, rather than a storm of that sort of message.

I don't mind chatting with you all (I'd actually prefer it over staying quiet), and I'd really like to address any questions that I can. I'll be honest, it's a ****ty situation to be in, and myself along with a lot of other Rioters, as well as other industry professionals are trying to solve this problem as a whole rather than slowly crawling our ACLS up our provider lists. It really does make me sad that any of your games get ruined because of a DDOS, which is even more motivation to kick our butts into high gear and get this problem solved.